I always say you've got to have the right tools to do a good job of looking for and exploiting security holes. This is especially true for wireless networks where tools (and the proper hardware configuration to run them on) are harder to come by than run-of-the-mill Windows security tools. Acquiring the right tools is the first and most important step in testing your wireless security.

Download this free guide

Download Our 17-Page Mobile Application Management Handbook

Experts provide best practices for mobile application delivery and management to help deal with the flood of mobile devices, new applications and data security demands.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

For starters, you need good wireless cards -- not one but two, maybe three. The reason is that different tools require -- or at least work better with -- specific wireless chipsets. I've had good luck with the old Orinoco Gold card as well as the Netgear WAG511v2. Refer to your tool documentation for the best fit. Another good thing to look for is a card that has an external antenna connector for hooking up a Cantenna or similar wireless signal booster device. This can make all the difference in the world when rooting out low-powered or hidden wireless devices.

As far as wireless security testing software goes, I recommend the following:

Free Tools

NetStumbler quickly identifies basic wireless devices that will respond to an "anybody out there?" request.

Kismet roots out wireless devices that have their SSIDs hidden or otherwise won't respond to basic NetStumbler probes. If you're not into Linux or don't want to spend hours if not days setting up your wireless card drives in Linux, you can run Kismet directly from the BackTrack Live CD.

Don't overlook the fact that wireless security testing doesn't just involve access points, laptops and the 802.11 protocol. Wireless is merely an entry point into your network -- not necessarily a standalone entity to test. Once you're able to obtain wireless network connectivity via MAC address spoofing, WEP/WPA cracking or whatever, you still have a ways to go poking around your Windows environment and testing Web applications, databases and so on. For a list of recommended tools, check out the Top 15 security tools for testing Windows.

That said, know that you're not going to find all wireless security vulnerabilities with tools alone. Knowledge of how wireless networks work combined with general networking, OS and security experience are all equally important.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy